Table of Contents
Advertisement
◉
Server hostname
◉
Port
◉
Secret key
◉
Timeout (waiting time for response from the Radius server, can be set between
one and 15 seconds)
◉
Privilege level mappings (allows adding one or more rules for users. These
rules are integer or string type attributes, requiring a name and a value. During
authentication, the system checks if a user matches the rules. If there is a match
between a user and a rule, then a role is applied for the user)
Note:
to add a new rule, click on the
▶
on the
◉
Fallback role (comes into place when there isn't a match between a user and a
rule, with the 'none' option denying authentication access to any user)
Custom Authentication Configuration
X2-SERIES products allow users to not only define multiple authentication methods
but also to configure how the different methods are used by the board. Clicking
on "Configure Authentication" button allows users to see the list of available
authentication methods and change their priority and activation strategy. For each
method one of the following strategies can be selected:
◉
Enable:
The method is activated and it will be used to authenticate users;
◉
Disable:
The method is not active and its configuration will be ignored;
◉
Restrict:
A restricted authentication method is activated only if all higher priority
methods are failing access. In the case of RADIUS or TACACS+ methods this
means no server is responding (or no server is programmed). If only one of the
registered RADIUS/TACACS+ servers replies with a rejection the following
restricted methods will be skipped. Note that "Local Users" are always available,
meaning that any "restrict" method after that will never be activated.
button.
button. To apply the rule, click
19
Advertisement
Table of Contents
